5 matches found
EUVD-2016-4430
Malware in sbrugna...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
curl: Double free caused by mqtt_doing()
mqttdoing lib/mqtt.c causes a double free under certain conditions. The conditions are 1 an mqttsend is unable to send its entire buffer at one time; and 2 the next call to mqttsend fails. The bug arises because mqttdoing frees the pointer mq-sendleftovers without nulling it line 755. Source belo...
Code injection
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...